From 9c2adfa6ba134efaf0bdeb15f76f99e9bcffb903 Mon Sep 17 00:00:00 2001
From: Tushar Sugandhi
Date: Fri, 13 Aug 2021 14:37:58 -0700
Subject: dm ima: prefix ima event name related to device mapper with dm_

The event names for the DM events recorded in the ima log do not contain any information to indicate the events are part of the DM devices/targets. Prefix the event names for DM events with "dm_" to indicate that they are part of device-mapper.

Signed-off-by: Tushar Sugandhi
Suggested-by: Thore Sommer
Signed-off-by: Mike Snitzer
---
 drivers/md/dm-ima.c | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)
(limited to 'drivers/md/dm-ima.c')
diff --git a/drivers/md/dm-ima.c b/drivers/md/dm-ima.c
index 22faf0698d09..3fd69ab12a8e 100644
--- a/drivers/md/dm-ima.c
+++ b/drivers/md/dm-ima.c
@@ -192,6 +192,7 @@ void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_fl
 * when prefixing the hash value with the hash algorithm name. e.g. sha256:.
 */
 const size_t hash_alg_prefix_len = strlen(DM_IMA_TABLE_HASH_ALG) + 1;
+ char table_load_event_name[] = "dm_table_load";

 ima_buf = dm_ima_alloc(DM_IMA_MEASUREMENT_BUF_LEN, GFP_KERNEL, noio);
 if (!ima_buf)
@@ -271,7 +272,7 @@ void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_fl
 * targets by prefixing the device metadata again.
 */
 if (unlikely(cur_total_buf_len >= DM_IMA_MEASUREMENT_BUF_LEN)) {
- dm_ima_measure_data("table_load", ima_buf, l, noio);
+ dm_ima_measure_data(table_load_event_name, ima_buf, l, noio);
 r = crypto_shash_update(shash, (const u8 *)ima_buf, l);
 if (r < 0)
 goto error;
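Review bot: `char table_load_event_name[] = "dm_table_load";` in dm_ima_measure_on_table_load() declares a writable automatic array that is initialised on every call, although in the visible hunks it is only passed to dm_ima_measure_data(). The other four renamed events (dm_device_resume, dm_device_remove, dm_table_clear, dm_device_rename) are passed as plain string literals, so the table_load case is the odd one out. Declaring it as `static const char table_load_event_name[] = "dm_table_load";` would keep the event name read-only and out of the stack frame; this assumes dm_ima_measure_data() takes a `const char *`, which the diff does not show. The function body starts and ends outside the hunk.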
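Review bot: The first argument of dm_ima_measure_data() is the event name recorded in the IMA log, so replacing "table_load" here changes what log consumers see, and nothing in this diff signals the change; the same applies to the second table_load call and to the device_resume, device_remove, table_clear and device_rename hunks. DM_IMA_VERSION_STR is copied into the measured buffer, but its definition is not touched by this commit, so an attestation verifier or log parser that matches on the old names presumably cannot tell the two naming schemes apart and would stop recognising these records. Consider stating the compatibility impact in the commit message and marking the names as externally visible, for example `/* Event names are recorded in the IMA log and are visible to attestation tooling. */` above the declaration of table_load_event_name. The enclosing function continues outside the hunk.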
@@ -280,8 +281,8 @@ void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_fl
 l = 0;

 /*
- * Each new "table_load" entry in IMA log should have device data
- * prefix, so that multiple records from the same table_load for
+ * Each new "dm_table_load" entry in IMA log should have device data
+ * prefix, so that multiple records from the same "dm_table_load" for
 * a given device can be linked together.
 */
 memcpy(ima_buf + l, DM_IMA_VERSION_STR, table->md->ima.dm_version_str_len);
@@ -292,7 +293,7 @@ void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_fl

 /*
 * If this iteration of the for loop turns out to be the last target
- * in the table, dm_ima_measure_data("table_load", ...) doesn't need
+ * in the table, dm_ima_measure_data("dm_table_load", ...) doesn't need
 * to be called again, just the hash needs to be finalized.
 * "last_target_measured" tracks this state.
 */
@@ -311,7 +312,7 @@ void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_fl
 }

 if (!last_target_measured) {
- dm_ima_measure_data("table_load", ima_buf, l, noio);
+ dm_ima_measure_data(table_load_event_name, ima_buf, l, noio);

 r = crypto_shash_update(shash, (const u8 *)ima_buf, l);
 if (r < 0)
@@ -460,7 +461,7 @@ void dm_ima_measure_on_device_resume(struct mapped_device *md, bool swap)
 memcpy(device_table_data + l, capacity_str, capacity_len);
 l += capacity_len;

- dm_ima_measure_data("device_resume", device_table_data, l, noio);
+ dm_ima_measure_data("dm_device_resume", device_table_data, l, noio);

 kfree(dev_name);
 kfree(dev_uuid);
@@ -577,7 +578,7 @@ void dm_ima_measure_on_device_remove(struct mapped_device *md, bool remove_all)
 memcpy(device_table_data + l, capacity_str, capacity_len);
 l += capacity_len;

- dm_ima_measure_data("device_remove", device_table_data, l, noio);
+ dm_ima_measure_data("dm_device_remove", device_table_data, l, noio);

 error:
 kfree(device_table_data);
@@ -658,7 +659,7 @@ void dm_ima_measure_on_table_clear(struct mapped_device *md, bool new_map) memcpy(device_table_data + l, capacity_str, capacity_len); l += capacity_len; - dm_ima_measure_data("table_clear", device_table_data, l, noio); + dm_ima_measure_data("dm_table_clear", device_table_data, l, noio); if (new_map) { if (md->ima.inactive_table.hash && @@ -733,7 +734,7 @@ void dm_ima_measure_on_device_rename(struct mapped_device *md) "%s%snew_name=%s,new_uuid=%s;%s", DM_IMA_VERSION_STR, old_device_data, new_dev_name, new_dev_uuid, capacity_str); - dm_ima_measure_data("device_rename", combined_device_data, strlen(combined_device_data), + dm_ima_measure_data("dm_device_rename", combined_device_data, strlen(combined_device_data), noio); goto exit; -- cgit